General
-
Target
c867d9e400d87f94d2debce45faf45fb305597de3c5cb71a600d5dcf10ffa0f9
-
Size
275KB
-
Sample
240505-2w2efabf75
-
MD5
fb7c0d8b2b78d313f0b6a821a076dd65
-
SHA1
ec7eb093f92ef8ef09feecd83d101b9c150f9552
-
SHA256
c867d9e400d87f94d2debce45faf45fb305597de3c5cb71a600d5dcf10ffa0f9
-
SHA512
04de8b87d7705d14ff2ffad8d9091eaa3a3e6c8b145032b9b96367ac698335a2a64acbf5f40030b680020e41a62d9e36301ba881b5b9ec778b2e52843349957a
-
SSDEEP
3072:V5PTHkmRJMZ/V4/PD7IyxsZnqNsqlC5jHlLOt5E:DkWJyV4/PolZnq9+xu
Static task
static1
Behavioral task
behavioral1
Sample
c867d9e400d87f94d2debce45faf45fb305597de3c5cb71a600d5dcf10ffa0f9.exe
Resource
win7-20240220-en
Malware Config
Extracted
stealc
http://185.172.128.151
-
url_path
/7043a0c6a68d9c65.php
Targets
-
Target
c867d9e400d87f94d2debce45faf45fb305597de3c5cb71a600d5dcf10ffa0f9
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.